The basis of P2P traffic control is accurate classification of P2P traffic. Several methods, such as port-based, signature-based, pattern-based and statistics-based methods, have been proposed for P2P traffic classification. However, as P2P applications try to avoid being easily detected, it has become hard to classify P2P traffic accurately using only one method. In this paper, we propose an improved two-step P2P traffic classifier that combines a signature-based classifier with connection heuristics at the packet level and a statistics-based classifier at the flow level. With connection heuristics, our scheme detects P2P traffic quickly in packet-level classification and reduces the amount of computation. Through verification with real datasets, we show that our two-step scheme has high accuracy and low overhead compared to a simple combination of a signature-based scheme and a statistics-based scheme.
In this paper, we propose an improved detection scheme to protect a Web server from detoured attacks, which disclose confidential/private information or disseminate malware code through outbound traffic. Our scheme has a two-step hierarchy whose detection methods are complementary to each other. The first step is a signature-based detector that uses Snort and detects the marks of malware dissemination, XSS, URL spoofing and information leakage from the Web server. The second step is an anomaly-based detector that detects attacks using probability evaluation in an HMM, driven by both payload and traffic characteristics of outbound packets. Through verification analysis in an attacked Web server environment, we show that our proposed scheme improves the false positive rate and detection efficiency for detecting detoured attacks on a Web server.